It doesn’t matter if you have a curious boss or a relationship with a controlling person, nobody has the right to monitor your phone or computer. But what can happen if someone installs a spy app on one of your devices?
These programs are designed to be as hidden as possible, but you can find them if you know how to look.
This guide focuses on software that was developed to camouflage itself in the system, but remember: there are hundreds of programs for parental control and tracking tools (such as Android Manager or Apple Find) that can be used by family members or people who set up the device. The difference is that it is obvious that these applications are active, but you should be aware of them and how they work.
The good news for iPhone users is that iOS simply does not allow applications to have minimal control over the operating system; as a result, spy apps cannot access what you are doing on the phone.
But there is an exception, and it includes jailbreaking, unlocking the system so that any application can be installed. Considering how difficult it is to do this today, let’s assume that this is not your case, as someone would need to have enough knowledge and take your device for a long time to perform the unlock.
The easiest way to check this is to check if the Cydia and SBSettings apps appear on your home screen.
If you discover that your iPhone has been jailbroken, restoring factory settings should do the trick, but make a backup of the important things, as resetting will erase all files on your phone. The best way to restore is by computer, and Apple has a comprehensive guide for you to follow.
Installing apps to spy on Android devices is, in a way, easier. That’s because, even though they are outside the official Google store, the programs can be distributed by other means.
To install the app, the person interested in spying needs to have physical access to the phone and be able to unlock it at some point. So, if you set up the device yourself and it has never been in the hands of others for more than a few seconds, you should be free of spies.
If your phone has been compromised, you will probably notice that the battery is running out too fast or warming up even without use.
Another clue of compromised cell phone is unexpected notifications and reboots or shutdowns taking longer than usual.
This is obviously not an exact science, as spy apps are designed not to be found, but any kind of abnormal phone behavior can be a tip.
Monitoring apps routinely hide their icons, but they can appear in the list of apps with generic, meaningless names to try not to attract attention.
Go to “Settings”, click on “Apps and Notifications” and “See all Apps” to check.
For extra security, you can get help identifying them through some applications like Incognito, Certo and Kaspersky Antivirus, which have good recommendations from users and should warn if they find something suspicious.
How to check the computer
Most of the principles cited for Android and iOS tend to be valid for Windows and macOS. Someone needs to have access to the computer or trick it into installing something yourself without knowing it – which is not difficult for employees of the IT department in your company. As always, keep your notebook or desktop password protected and pay attention to physical security, keeping an eye on who has access to the computer and when.
Both Microsoft and Apple are aware of this problem, so Windows and macOS will be able to detect and block some applications automatically. If you need extra help, some apps like Norton, BitDefender and Malwarebytes are available for both systems.
You can also scan applications and processes that start automatically when the computer is turned on. In Windows, this list is found on the Startup tab in the Task Manager (Ctrl + Shift + Esc). In macOS, open the “System Preferences” menu, select “Groups and Users” and “Login Items”. If you find something suspicious, search the web for the name of the application or process.
There are some extra permissions that this type of application needs on macOS. Under “System Preferences”, go to “Security and Privacy” and then “Privacy”. Check in “Input Monitoring” and “Full disk access”, as spy apps often need these authorizations. In Windows there is no such function, but you can view the permissions of applications by accessing the item “Privacy” found in “Application Permissions” in the “Settings” menu.
How to check your account online
For someone who wants to invade the privacy of others, it tends to be easier to get access to online accounts than to devices. With the possibility to consult everything on the internet, from social networks to e-mails, espionage tends to be more effective.
With that in mind, look for unauthorized access to your accounts. This obviously starts with protecting the username and a secure password, so consider using a Password Manager to maintain strong, random and different codes for each account. If available, enable two-factor authentication.
If there was any unwanted access to your account, you should be able to identify it. On Facebook, for example, visit your Settings page and click on “Security and Login” to check all the devices logged into your account and disconnect the ones you don’t recognize.
Some apps like WhatsApp and Snapchat only allow access on a single device, so you know that the active login is what you are using. But this is not a rule for all programs; on Instagram, for example, if you go to “Settings” and click on “Security and Login Activity”, you can view the list of devices connected to the account. To remove one of them, click on the icon with three dots and select “Exit”.
We also recommend checking account activity, such as files sent by email and messages received and sent on Twitter or Facebook Messenger. It is valid to check the drafts and the trash to search for actions that you did not perform. If someone has accessed your email, it is possible that you have set up an automatic filter for forwarding all incoming messages.
The verification of these items may be slightly different for each application or system, but keep an eye on the list of connected devices in your account and the activities of the application. These are the best ways to identify attackers, but another way to keep them out of your accounts is to update passwords frequently.